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Administrative Domains and Routing Domains 
A Model for Routing in the Internet 
1) Status of this Memo 
This RFC proposes a model for describing routing within the Internet. 
The model is an adaptation of the "OSI Routeing Framework" [1]. This 
memo does not specify an Internet standard. Comments are welcome. 
Distribution of this memo is unlimited. 
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3) Overview 


The "core" model of Autonomous Systems [2] formed the basis for the 


routing model used in the Internet. Due to massive growth and 
topology changes, the "core" model no longer is in harmony with the 
reality of today’s Internet. Indeed, this situation was foreseen at 


the outset: 


"Ultimately, however, the internet may consist of a number of co- 
equal autonomous systems, any of which may be used...as a 
transport medium for traffic originating in any system and 
destined for any system. When this more complex configuration 
comes into being, it will be inappropriate to regard any one 
autonomous system as a "core" system" [2]. 


Furthermore, the Autonomous System concept has been outgrown in 
certain parts of the Internet, in which the complexity of regional 
routing has exceeded the limits of the definition of Autonomous 
Systems. 


A model which can provide a better match to the Internet can be found 
in the "OSI Routeing Framework" [1]. 


This framework proposes a structure of Routing Domains within 


Administrative Domains. This paper is intended to briefly describe 
this framework, to outline how this model better fits the reality of 
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the present and future Internet, and to show how the model can aid in 
the construction of well-engineered routing environments. 


4) Terminology 


The following is a brief glossary of OSI terminology. Formal 
definitions can be found in the OSI Basic Reference Model [4], the 
Internal Organization of the Network Layer [5], and the OSI Routeing 
Framework [1]. 


"Routeing" is the official ISO spelling of what is more 
commonly spelled "routing." In this paper, the ISO spelling 
will be used wherever directly quoted from ISO documents, and 
the common spelling used otherwise. 


End System (ES) 


An OSI system on which applications run. An End System has 
full seven-layer OSI functionality. Basically equivalent to an 
Internet Host. 


Intermediate System (IS) 


An OSI system that performs routing and relaying functions in 
order to provide paths between End Systems. Intermediate 
Systems have no functionality above the Network Layer (although 
a practical realization of an OSI router will have some amount 
of End System functionality for network management functions, 
among other things). Basically equivalent to an Internet 
Router. 


Subnetwork (SN) 


A communications medium that provides a "direct" path between 


Network Layer entities. This can be realized via a point-to- 
point link, a LAN, a Public Data Network, and so forth. This 
is essentially equivalent to an Internet Subnet. It is worth 


noting that, unlike Internet Subnets, OSI Subnetworks are not 
necessarily reflected in the addressing hierarchy, so the 


double meaning of the Internet term "Subnet" (a single IP hop; 
a part of the address hierarchy) does not hold in the OSI 
world. 


Open Systems Interconnection Environment (OSIE) 


The global collection of Open Systems. Basically equivalent to 
the Internet. 
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Network Service Access Point (NSAP) 


A conceptual point on the Network/Transport Layer boundary in 
an End System that is globally addressable (and the address 
globally unambiguous) in the OSIE. An NSAP represents a 
service available above the Network Layer (such as a choice of 
transport protocols). An End System may have multiple NSAPs. 
An NSAP address is roughly equivalent to the Internet [address, 
protocol] pair. 


Administrative Domain (AD) 


"A collection of End Systems, Intermediate Systems, and 
subnetworks operated by a single organization or administrative 
authority. The components which make up the domain are assumed 
to interoperate with a significant degree of mutual trust among 
themselves, but interoperate with other Administrative Domains 
in a mutually suspicious manner" [1]. 


A group of hosts, routers, and networks operated and managed by 
a single organization. Routing within an Administrative Domain 
is based on a consistent technical plan. An Administrative 
Domain is viewed from the outside, for purposes of routing, as 
a cohesive entity, of which the internal structure is 
unimportant. Information passed by other Administrative 
Domains is trusted less than information from one’s own 
Administrative Domain. 


Administrative Domains can be organized into a loose hierarchy 
that reflects the availability and authoritativeness of routing 
information. This hierarchy does not imply administrative 
containment, nor does it imply a strict tree topology. 

Routing Domain (RD) 
"A set of End Systems and Intermediate Systems which operate 
according to the same routeing procedures and which is wholly 


contained within a single Administrative Domain" [1]. 


"A Routeing Domain is a set of ISs and ESs bound by a common 
routeing procedure; namely: 


they are using the same set of routeing metrics, 
they use compatible metric measurement techniques, 


they use the same information distribution protocol, and 
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they use the same path computation algorithm" [1]. 


The "OSI Routeing Framework" further provides a formal 
definition of a Routing Domain, specifying that all ISs within 
a Routing Domain can determine whether an ES within the domain 
is reachable, and if so can derive a path to it. 


Routing Domains may be divided into subdomains, not unlike 
subnetting in the Internet. This allows a hierarchical 
structuring of the domain, permitting containment of the 
topological details of a subdomain with the resultant reduction 
in distributed routing information. 


An intra-Routing Domain routing protocol is equivalent to an 
Internet Interior Gateway Protocol (IGP). 


An Administrative Domain may contain multiple Routing Domains. 
A Routing Domain may never span multiple Administrative 
Domains. 


An Administrative Domain may consist of only a single Routing 
Domain, in which case they are said to be Congruent. A 
congruent Administrative Domain and Routing Domain is analogous 
to an Internet Autonomous System. 


Common Domain (CD) 


"An Administrative Domain which is not a member of a higher 
level domain. A common domain is the highest level in the 
routeing hierarchy. There is no single domain above the common 
domain. In this sense, the routeing hierarchy is in fact 
multiple hierarchies, with the common domain as the highest 
element of each hierarchy". 


"Where there are multiple common domains, they cooperate as 
peers to make it possible to route to any NSAP in the OSIE" 
EEI 


Common Domains have global routing information to the extent 
necessary to route packets to the proper domain. Each of the 
several peer national backbones in today’s Internet may be 
considered to be similar to a Common Domain. Note that in the 
Internet the hierarchical containment implied by the definition 
of a CD does not really exist; however, there is a level of 
implicit ordering based on topology and policy issues (the 
willingness to be used as a transit network) that can be viewed 
as defining a Common Domain in the Internet. 
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5) 


For completeness, we offer the following definition for an Internet 
Autonomous System (AS): 


"An ‘autonomous system’ consists of a set of gateways, each of 
which can reach any other gateway in the same system using paths 
via gateways only in that system. The gateways of a system 
cooperatively maintain a routing data base using an interior 
gateway protocol (IGP)..." [3] 


Environment and Goals 


The "OSI Routeing Framework" describes the environment for OSI 
routing as well as its goals. The environment described is a highly 
interconnected, highly heterogeneous collection of LANs and public 
and private networks made up of a diverse collection of equipment 
from multiple vendors. A number of goals are enumerated, including: 


- Support of multiple subnetwork types 

- Very large numbers of connected systems 

- End System simplicity 

- Multiple organizations with mutual distrust and policy/legal 
restrictions 

- High performance 

- Robust and dynamic routing in the face of topological changes 


The environment and goals described are a good match for those in the 
Internet. The Internet crosses multiple types of physical media, 
link layer protocols, and administrative controls. Routers and hosts 
may come from many vendors. The Internet has become international in 
scope. Issues of security and the isolation of bad routing 
information have become international concerns. 


The Internet environment, with over 900 highly connected networks 
(and growing exponentially), is very much like the environment the 
OSI model aims to describe. 


Structure of Global Routing 
The "OSI Routeing Framework" classifies routing into three types: 


- within a Routing Domain 
- within an Administrative Domain 
- between Administrative Domains 


Routing within a Routing Domain involves a high level of mutual 
trust. This allows the use of complex, tightly-coupled procedures 
that can make the best use of dynamic, highly interconnected 
environments. 
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Routing Domains may be recursively subdivided into Subdomains in 
order to reduce routing complexity. The details of a subdomain may 
be largely hidden from other subdomains with an attendant reduction 
in the volume of routing information exchanged. 


Intra-Administrative Domain routing is concerned with interconnecting 
multiple Routing Domains within an administration. Issues may 
include address administration, cost recovery, and policy concerns. 

A moderate level of trust is assumed. The nature of the interactions 
between Routing Domains can range from being tightly coupled (best 
path routing between two RDs running different routing protocols) to 
being more policy-based. However, inter-RD routing within an 
Administrative Domain is tightly coordinated and represents a unified 
technical plan. 


Inter-Administrative Domain routing is concerned with managing and 
controlling the flow of information in a highly structured way 
between organizations that may require formal multilateral 
agreements. The issues of concern at this level tend to be 
administrative in nature (legal/political constraints, security, 
access control, etc.). Multiple agreements between multiple 
administrations are unlikely to be implicitly transitive. This makes 
the analysis of policy interactions very important. 


7) Mapping the AD/RD Model Onto the Internet 


The national network backbones (NSFNET, ARPANET, MILNET, NSN, and 
soon ESNET) can be viewed as Common Domains. Each may have 
sufficiently global routing knowledge to determine a path to any 
Internet address. 


Regional networks are clearly Administrative Domains. Multilateral 
policy agreements are defined between the regional networks and the 


backbones. On the other hand, regional networks very often are 
tightly coupled to individual networks and campus networks in terms 
of routing. In this sense, a regional network could be viewed as a 


Routing Domain with individual campuses thought of as Subdomains. 


From the standpoint of routing functionality, it is most useful to 
view a "classic" Autonomous System as a congruent Routing Domain and 
Administrative Domain. An AS as defined represents both a single IGP 
and a point of policy administration. The sixteen bit value now 
known as the Autonomous System number may instead be viewed as an 
Administrative Domain number. 


In reality, however, many so-called Autonomous Systems today do not 


adhere to the strict definition of an AS. In theory, an Autonomous 
System is quite similar to a Routing Domain, in which a high level of 
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trust is made between systems, a consistent IGP is run, and full 
routing information is distributed. On the other hand, AS numbers 
have become an abstraction for policy groupings to backbones. 
Indeed, entire regional networks are viewed by the backbones as a 
single Autonomous System, even though they are not nearly as 
homogeneous as the AS model specifies. Such entities can be viewed 
as an Administrative Domain containing several Routing Domains. 


Although it is true that, in this interpretation, multiple 
nontechnical administrations are represented within a single 
Administrative Domain (in conflict with the definition of an 
Administrative Domain), such structures require a single approach to 
internal routing. Even if there is not a true administration 
representing the collection of domains (such as a consortium), there 
typically is a technical committee to settle common technical issues. 


The AD/RD Model as an Engineering Tool 


Current Autonomous Systems cross administrative boundaries with 
impunity. This works as long as the individual administrations 
operating within the common AS agree to a common technical policy for 
routing and network management. Connections with other backbones, 
regional networks, and campus networks must be planned, implemented, 
and managed in a coordinated fashion. 


This coordination becomes more difficult, but more necessary, as the 
AS grows. As connectivity and policy become more complex, current 
Autonomous Systems start to fragment. An example of this is a 
network that is currently a member of an NSFNET regional network but 
will be adding a connection to ESNET. The administrators of the 
network and the regional network must carefully coordinate the 
changes necessary to implement this connection, including possibly 
altering the boundaries of policy and routing. A lack of 
coordination could result in routing loops and policy violations. 


A point that is being increasingly realized is that the entity 
responsible for exterior or policy routing (be it an Autonomous 
System or an Administrative Domain) must have a common technical 
policy for routing. The effects of attempting different approaches 
to policy and external routing while maintaining a single AS have 
been painfully evident in real instances in the Internet. 


Under the AD/RD model, a routing domain cannot be in two 
Administrative Domains. For example, if a campus network wants to 
set its own routing policy and enforce it via management of their 
routers, the campus has elected to become a separate Administrative 
Domain. If that campus uses a common IGP with other campuses, it 
represents an attempt to split a Routing Domain (the regional network 
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10) 


with a common IGP) across multiple Administrative Domains (the campus 
and the rest of the regional). Such arrangements represent dubious 
engineering practice, cause real routing problems, and are disallowed 
by the AD/RD model. 


Under the strict Autonomous System model, only one IGP can exist 
within an AS. However, many regional networks are successfully using 
multiple IGPs. The AD/RD model allows this valuable routing 
topology. Such a topology would also be allowed by the AS model if 
it were to be broadened to allow multiple IGPs, in which case an AS 
and an AD would effectively become equivalent. 


The AD/RD Model in a Dual Protocol Internet 


As the OSI protocol suite is deployed and an OSI Internet is 
constructed, it is very likely that significant portions of the 
current TCP/IP Internet will also carry OSI traffic. Many router 
vendors provide dual protocol capability today, or will in the near 
future, and the investment in network infrastructure is such that it 
is unlikely that a separate, parallel internet will be established 
for OSI traffic. 


It is logical to assume that, in many cases, the same technical and 
administrative boundaries will apply to both DoD IP and OSI 
protocols, and in some cases a single routing protocol may be used to 
support both protocol suites. 


Thus, it would be most advantageous to have a common model and common 
nomenclature in order to provide a more unified, manageable routing 
environment. Given that the OSI Routeing Framework represents the 
model on which OSI routing is built, the use of the AD/RD model to 
describe the existing Internet is an appropriate step toward 
describing and building the combined internet. 


Conclusions 


The AD/RD model of routing describes the current Internet better than 
existing models because it describes: 


- How Intra-Domain and Inter-Domain relationships work at both 
routing and policy level 


- How routing domains and administrative domains can be 
hierarchically related 


- The existence of multiple national peers 


- A common model for dual protocol internets 
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The expanding Internet has grown from the "core" model with several 
small attached networks to a highly interconnected environment that 
spans several continents. Several national peer networks serve an 
ever-growing set of regional networks. The AD/RD model can help 
Internet protocol designers abstract the functional pieces from the 
large Internet. 


The Internet grows daily. Any model of Internet routing needs to 
provide a way to understand and order the growth. The ISO Routeing 
Framework provides a structure to handle such growth. 
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Security Considerations 

Security issues are not addressed in this memo. 
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